What is CVE-2021-4079?

CVE-2021-4079 is a vulnerability in WebRTC in Google Chrome that allows a remote attacker to potentially exploit heap corruption via crafted WebRTC packets.

How does CVE-2021-4079 affect Google Chrome?

CVE-2021-4079 affects Google Chrome versions prior to 96.0.4664.93.

How can a remote attacker exploit CVE-2021-4079?

A remote attacker can exploit CVE-2021-4079 by sending crafted WebRTC packets to the target system, potentially causing heap corruption.

Which versions of Google Chrome are affected by CVE-2021-4079?

Google Chrome versions prior to 96.0.4664.93 are affected by CVE-2021-4079.

Where can I find more information about CVE-2021-4079?

More information about CVE-2021-4079 can be found at the Debian security tracker: https://security-tracker.debian.org/tracker/CVE-2021-4079

Vulnerability/
CVE-2021-4079

high

8.8

CWE

787

1/11/2021

23/12/2021

21/11/2024

CVE-2021-4079: Out of bounds write in WebRTC

First published: Mon Nov 01 2021(Updated: )

Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets.

Credit: chrome-cve-admin@google.com Brendon Tiszka chrome-cve-admin@google.com

Affected Software	Affected Version	How to fix
debian/chromium	<=90.0.4430.212-1~deb10u1	116.0.5845.180-1~deb11u1 118.0.5993.70-1~deb11u1 116.0.5845.180-1~deb12u1 118.0.5993.70-1~deb12u1 118.0.5993.70-1
Google Chrome	<96.0.4664.93
Debian Debian Linux	=10.0
Debian Debian Linux	=11.0
Google Chrome	<96.0.4664.93	96.0.4664.93
	<96.0.4664.93
	=10.0
	=11.0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

7014601772789068319

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is CVE-2021-4079?
CVE-2021-4079 is a vulnerability in WebRTC in Google Chrome that allows a remote attacker to potentially exploit heap corruption via crafted WebRTC packets.
How does CVE-2021-4079 affect Google Chrome?
CVE-2021-4079 affects Google Chrome versions prior to 96.0.4664.93.
How can a remote attacker exploit CVE-2021-4079?
A remote attacker can exploit CVE-2021-4079 by sending crafted WebRTC packets to the target system, potentially causing heap corruption.
Which versions of Google Chrome are affected by CVE-2021-4079?
Google Chrome versions prior to 96.0.4664.93 are affected by CVE-2021-4079.
Where can I find more information about CVE-2021-4079?
More information about CVE-2021-4079 can be found at the Debian security tracker: https://security-tracker.debian.org/tracker/CVE-2021-4079

collector/security-tracker-debian
agent/type
collector/nvd-index
agent/software-canonical-lookup-request
agent/references
agent/weakness
collector/mitre-cve
source/MITRE
collector/chrome-releases
agent/software-canonical-lookup
agent/title
agent/severity
agent/description
agent/first-publish-date
collector/nvd-api
source/NVD
agent/last-modified-date
agent/author
agent/tags
agent/softwarecombine
agent/event
agent/trending
package-manager/debian
vendor/google
canonical/google chrome
vendor/debian
canonical/debian debian linux
version/debian debian linux/10.0
version/debian debian linux/11.0